CRL & OCSP report for 0-naturalmedicines.therapeuticresearch.com.millennium.midwestern.edu - millennium.midwestern.edu (Midwestern University)

millennium.midwestern.edu

This certificate was cached at
Certificate details for millennium.midwestern.edu (At position 0 in certificate chain)
Serial number:
hex: 74c10fb74be253e626f6e793
int: 36133658039181085081861547923
Issued by: GlobalSign Organization Validation CA - SHA256 - G2
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: Midwestern University
State / Province: Illinois
Locality: Downers Grove
Country: US
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

View complete certificate details for 0-naturalmedicines.therapeuticresearch.com.millennium.midwestern.edu.

Certificate Revocation List (CRL)

This CRL was cached at
http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl.globalsign.com/gs/gsorganizationvalsha2g2.crl
Size: 110927 bytes (DER data)
Response time: 17.460272ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 3279

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare, CloudFront
Cache Information: HIT, Hit from cloudfront

Raw CRL response headers

Accept-Ranges: [bytes]
Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [HIT]
Cf-Ray: [3243a62433fa078b-EWR]
Content-Length: [110927]
Content-Type: [application/pkix-crl]
Date: [Fri, 20 Jan 2017 15:44:39 GMT]
Etag: [E41D]
Expires: [Thu, 26 Jan 2017 20:56:06 GMT]
Last-Modified: [Thu, 19 Jan 2017 20:56:06 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=dafb45e1dfc06a33fdb54773c745a2fce1484927079; expires=Sat, 20-Jan-18 15:44:39 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
Via: [1.1 38dd041e5821fc4ffd23efc57eaadfdf.cloudfront.net (CloudFront)]
X-Amz-Cf-Id: [KUFRJWxKHB0qYMi5U7ZhupZx-nmiTQfp0olEGLhXI3NeqQ4dMRv8-A==]
X-Cache: [Hit from cloudfront]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than seven days old, CRLs must be updated and reissued at least every seven days (Mozilla Maintenance Policy section 3)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp2.globalsign.com/gsorganizationvalsha2g2 (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp2.globalsign.com/gsorganizationvalsha2g2 (POST)
Size: 1570 bytes (DER data)
Response time: 3.511110161s
Signature algorithm: SHA256WithRSA
Signature type: CA Deligated
Signed by: GlobalSign Organization Validation CA - SHA256 - G2 - OCSP Responder
Issued by: GlobalSign Organization Validation CA - SHA256 - G2
Signing certificate validity: 2016-11-24 - 2017-02-24
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare
Cache Information: HIT

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
ME0wSzBJMEcwRTAJBgUrDgMCGgUABBQMnk2cPe3vhNiR6XLHz4QGvBl7BwQUlt5h
8b0cFilTHMDMfTuDAEDmGnwCDHTBD7dL4lPmJvbnkw==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGHgoBAKCCBhcwggYTBgkrBgEFBQcwAQEEggYEMIIGADCBmqIWBBScTQCZAA6L
sAGBdaG68NAl16AcRxgPMjAxNzAxMjAxODIzMjJaMG8wbTBFMAkGBSsOAwIaBQAE
FAyeTZw97e+E2JHpcsfPhAa8GXsHBBSW3mHxvRwWKVMcwMx9O4MAQOYafAIMdMEP
t0viU+Ym9ueTgAAYDzIwMTcwMTIwMTgyMzIyWqARGA8yMDE3MDEyNDE4MjMyMlow
DQYJKoZIhvcNAQELBQADggEBAMpiC7bEGB55d4uZsJn2MD9Ds1tDiAquRdrbb98W
DO7KhZIoyM4SF2FZ77QuAkMl2V4NfwkEN3B2s1bGMaKemhm5djhm0vOOIhPcwPAe
Zu4Vr8ku0TBdzXVIaQWPU4VKhkH03rhL3fAwh5+FySgvxEG90ejcZqckSH7FP+XL
shQobG4wy+zo1CYzQS5YWGOLyrn34g5+fWxxbinHxpZoPdn7yF3pNjd7RY6jcABx
cyK0zBFo3mDelJiL8zKrOUO7rpLOHFp4Yn+s3ZyMlSdK45tAnnbMYJrBe+1t/fJt
N8xTsWOH5cRijIWIpsCd1STkqDpVCLxGAJ9KsOFulWiV/VqgggRLMIIERzCCBEMw
ggMroAMCAQICDHGRoX36ZGO9at+fKDANBgkqhkiG9w0BAQsFADBmMQswCQYDVQQG
EwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTE8MDoGA1UEAxMzR2xvYmFs
U2lnbiBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBDQSAtIFNIQTI1NiAtIEcyMB4X
DTE2MTEyNDAzMTg0M1oXDTE3MDIyNDAzMTg0M1owgY4xCzAJBgNVBAYTAkJFMRkw
FwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRUwEwYDVQQFEwwyMDE2MTEyNDExMjgx
TTBLBgNVBAMTREdsb2JhbFNpZ24gT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gQ0Eg
LSBTSEEyNTYgLSBHMiAtIE9DU1AgUmVzcG9uZGVyMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA0kOXzzBq49lSztun694Fi9cwEyLIZagm3jYnimSW+vpf
qQoFF/U48JGqWfXOt8Evncl6f6MtaGmvaxjguf2aru1EtxS5pdX8/4PtdRcGPmgb
wbn8VDIukn4P8So7v9afdh1eoiFk7Kjq9wzK+jiDcNplpqJtZdUVlD6s7laW4aVs
Ewe7UBk2hlaBxUfl0ztYmwd/3Ln+BjEyVRYpRNFFKGxkUeoNhzY3zRBAqp0dHP3H
bPCUGUGePmzp87283fRtBdRlO9ixk4C3bvZ+kJBXYoE/ootnRdWMuJCYubNh4EtN
+UbOE4J9gXFvO1PlBBxgL9YSc5KY65Y2HPeNoUfrYQIDAQABo4HHMIHEMB0GA1Ud
DgQWBBScTQCZAA6LsAGBdaG68NAl16AcRzAfBgNVHSMEGDAWgBSW3mHxvRwWKVMc
wMx9O4MAQOYafDAPBgkrBgEFBQcwAQUEAgUAMEwGA1UdIARFMEMwQQYJKwYBBAGg
MgFfMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3Jl
cG9zaXRvcnkvMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDCTAN
BgkqhkiG9w0BAQsFAAOCAQEADUgRCbAYskOASWXjjNvLOxN5ThknzN3S5y8/rVSy
FS1Un2GFzTSuggpu4/dPVy9slu7NwFt8Dvwt7mmD/S+GJ5veMZUiCxbrgIqBM1v9
nNdKHpzpr95cQK5Toj0tcLPTcIGsDObTumSBtZY+fkrofEUweYi246CL7yGWO6dj
jiyEieZ8fAZW9IuYF0vQkkzm8otkWH+3xmHRur2dNicK5FX930fO7skRQTvoi5jq
y44c+PoANEuTBvEf55bBo3/MzWvXQl29cwszverJJA4LQ3KBmYqmVBkqegClvncX
CySX4njX9TO+h7NL0OeWgjFKhTKkzsdFOXOYTC4IGqm/Tw==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEQzCCAyugAwIBAgIMcZGhffpkY71q358oMA0GCSqGSIb3DQEBCwUAMGYxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNH
bG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0g
RzIwHhcNMTYxMTI0MDMxODQzWhcNMTcwMjI0MDMxODQzWjCBjjELMAkGA1UEBhMC
QkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExFTATBgNVBAUTDDIwMTYxMTI0
MTEyODFNMEsGA1UEAxNER2xvYmFsU2lnbiBPcmdhbml6YXRpb24gVmFsaWRhdGlv
biBDQSAtIFNIQTI1NiAtIEcyIC0gT0NTUCBSZXNwb25kZXIwggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQDSQ5fPMGrj2VLO26fr3gWL1zATIshlqCbeNieK
ZJb6+l+pCgUX9TjwkapZ9c63wS+dyXp/oy1oaa9rGOC5/Zqu7US3FLml1fz/g+11
FwY+aBvBufxUMi6Sfg/xKju/1p92HV6iIWTsqOr3DMr6OINw2mWmom1l1RWUPqzu
VpbhpWwTB7tQGTaGVoHFR+XTO1ibB3/cuf4GMTJVFilE0UUobGRR6g2HNjfNEECq
nR0c/cds8JQZQZ4+bOnzvbzd9G0F1GU72LGTgLdu9n6QkFdigT+ii2dF1Yy4kJi5
s2HgS035Rs4Tgn2BcW87U+UEHGAv1hJzkpjrljYc942hR+thAgMBAAGjgccwgcQw
HQYDVR0OBBYEFJxNAJkADouwAYF1obrw0CXXoBxHMB8GA1UdIwQYMBaAFJbeYfG9
HBYpUxzAzH07gwBA5hp8MA8GCSsGAQUFBzABBQQCBQAwTAYDVR0gBEUwQzBBBgkr
BgEEAaAyAV8wNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5j
b20vcmVwb3NpdG9yeS8wDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUF
BwMJMA0GCSqGSIb3DQEBCwUAA4IBAQANSBEJsBiyQ4BJZeOM28s7E3lOGSfM3dLn
Lz+tVLIVLVSfYYXNNK6CCm7j909XL2yW7s3AW3wO/C3uaYP9L4Ynm94xlSILFuuA
ioEzW/2c10oenOmv3lxArlOiPS1ws9NwgawM5tO6ZIG1lj5+Suh8RTB5iLbjoIvv
IZY7p2OOLISJ5nx8Blb0i5gXS9CSTObyi2RYf7fGYdG6vZ02JwrkVf3fR87uyRFB
O+iLmOrLjhz4+gA0S5MG8R/nlsGjf8zNa9dCXb1zCzO96skkDgtDcoGZiqZUGSp6
AKW+dxcLJJfieNf1M76Hs0vQ55aCMUqFMqTOx0U5c5hMLggaqb9P
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [HIT]
Cf-Ray: [3244c50bb0c02186-EWR]
Content-Length: [1570]
Content-Type: [application/ocsp-response]
Date: [Fri, 20 Jan 2017 19:00:34 GMT]
Etag: ["1794c2fd9d332ce57437a3ae5c7c7a8d4b173c83"]
Expires: [Tue, 24 Jan 2017 18:23:22 GMT]
Last-Modified: [Fri, 20 Jan 2017 18:23:22 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=d1f86ba98feef2d71d9df5f419a4a87ff1484938830; expires=Sat, 20-Jan-18 19:00:30 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ocsp2.globalsign.com/gsorganizationvalsha2g2 (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp2.globalsign.com/gsorganizationvalsha2g2 (GET)
Size: 1570 bytes (DER data)
Response time: 3.261315114s
Signature algorithm: SHA256WithRSA
Signature type: CA Deligated
Signed by: GlobalSign Organization Validation CA - SHA256 - G2 - OCSP Responder
Issued by: GlobalSign Organization Validation CA - SHA256 - G2
Signing certificate validity: 2016-11-24 - 2017-02-24
Signing certificate algorithm: SHA256-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare
Cache Information: MISS

URL used for GET request

http:/gsorganizationvalsha2g2/ME0wSzBJMEcwRTAJBgUrDgMCGgUABBQMnk2cPe3vhNiR6XLHz4QGvBl7BwQUlt5h8b0cFilTHMDMfTuDAEDmGnwCDHTBD7dL4lPmJvbnkw%3D%3D

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
ME0wSzBJMEcwRTAJBgUrDgMCGgUABBQMnk2cPe3vhNiR6XLHz4QGvBl7BwQUlt5h
8b0cFilTHMDMfTuDAEDmGnwCDHTBD7dL4lPmJvbnkw==
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIGHgoBAKCCBhcwggYTBgkrBgEFBQcwAQEEggYEMIIGADCBmqIWBBScTQCZAA6L
sAGBdaG68NAl16AcRxgPMjAxNzAxMjAxODIzMjJaMG8wbTBFMAkGBSsOAwIaBQAE
FAyeTZw97e+E2JHpcsfPhAa8GXsHBBSW3mHxvRwWKVMcwMx9O4MAQOYafAIMdMEP
t0viU+Ym9ueTgAAYDzIwMTcwMTIwMTgyMzIyWqARGA8yMDE3MDEyNDE4MjMyMlow
DQYJKoZIhvcNAQELBQADggEBAMpiC7bEGB55d4uZsJn2MD9Ds1tDiAquRdrbb98W
DO7KhZIoyM4SF2FZ77QuAkMl2V4NfwkEN3B2s1bGMaKemhm5djhm0vOOIhPcwPAe
Zu4Vr8ku0TBdzXVIaQWPU4VKhkH03rhL3fAwh5+FySgvxEG90ejcZqckSH7FP+XL
shQobG4wy+zo1CYzQS5YWGOLyrn34g5+fWxxbinHxpZoPdn7yF3pNjd7RY6jcABx
cyK0zBFo3mDelJiL8zKrOUO7rpLOHFp4Yn+s3ZyMlSdK45tAnnbMYJrBe+1t/fJt
N8xTsWOH5cRijIWIpsCd1STkqDpVCLxGAJ9KsOFulWiV/VqgggRLMIIERzCCBEMw
ggMroAMCAQICDHGRoX36ZGO9at+fKDANBgkqhkiG9w0BAQsFADBmMQswCQYDVQQG
EwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTE8MDoGA1UEAxMzR2xvYmFs
U2lnbiBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBDQSAtIFNIQTI1NiAtIEcyMB4X
DTE2MTEyNDAzMTg0M1oXDTE3MDIyNDAzMTg0M1owgY4xCzAJBgNVBAYTAkJFMRkw
FwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRUwEwYDVQQFEwwyMDE2MTEyNDExMjgx
TTBLBgNVBAMTREdsb2JhbFNpZ24gT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gQ0Eg
LSBTSEEyNTYgLSBHMiAtIE9DU1AgUmVzcG9uZGVyMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA0kOXzzBq49lSztun694Fi9cwEyLIZagm3jYnimSW+vpf
qQoFF/U48JGqWfXOt8Evncl6f6MtaGmvaxjguf2aru1EtxS5pdX8/4PtdRcGPmgb
wbn8VDIukn4P8So7v9afdh1eoiFk7Kjq9wzK+jiDcNplpqJtZdUVlD6s7laW4aVs
Ewe7UBk2hlaBxUfl0ztYmwd/3Ln+BjEyVRYpRNFFKGxkUeoNhzY3zRBAqp0dHP3H
bPCUGUGePmzp87283fRtBdRlO9ixk4C3bvZ+kJBXYoE/ootnRdWMuJCYubNh4EtN
+UbOE4J9gXFvO1PlBBxgL9YSc5KY65Y2HPeNoUfrYQIDAQABo4HHMIHEMB0GA1Ud
DgQWBBScTQCZAA6LsAGBdaG68NAl16AcRzAfBgNVHSMEGDAWgBSW3mHxvRwWKVMc
wMx9O4MAQOYafDAPBgkrBgEFBQcwAQUEAgUAMEwGA1UdIARFMEMwQQYJKwYBBAGg
MgFfMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3Jl
cG9zaXRvcnkvMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDCTAN
BgkqhkiG9w0BAQsFAAOCAQEADUgRCbAYskOASWXjjNvLOxN5ThknzN3S5y8/rVSy
FS1Un2GFzTSuggpu4/dPVy9slu7NwFt8Dvwt7mmD/S+GJ5veMZUiCxbrgIqBM1v9
nNdKHpzpr95cQK5Toj0tcLPTcIGsDObTumSBtZY+fkrofEUweYi246CL7yGWO6dj
jiyEieZ8fAZW9IuYF0vQkkzm8otkWH+3xmHRur2dNicK5FX930fO7skRQTvoi5jq
y44c+PoANEuTBvEf55bBo3/MzWvXQl29cwszverJJA4LQ3KBmYqmVBkqegClvncX
CySX4njX9TO+h7NL0OeWgjFKhTKkzsdFOXOYTC4IGqm/Tw==
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEQzCCAyugAwIBAgIMcZGhffpkY71q358oMA0GCSqGSIb3DQEBCwUAMGYxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNH
bG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0g
RzIwHhcNMTYxMTI0MDMxODQzWhcNMTcwMjI0MDMxODQzWjCBjjELMAkGA1UEBhMC
QkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExFTATBgNVBAUTDDIwMTYxMTI0
MTEyODFNMEsGA1UEAxNER2xvYmFsU2lnbiBPcmdhbml6YXRpb24gVmFsaWRhdGlv
biBDQSAtIFNIQTI1NiAtIEcyIC0gT0NTUCBSZXNwb25kZXIwggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQDSQ5fPMGrj2VLO26fr3gWL1zATIshlqCbeNieK
ZJb6+l+pCgUX9TjwkapZ9c63wS+dyXp/oy1oaa9rGOC5/Zqu7US3FLml1fz/g+11
FwY+aBvBufxUMi6Sfg/xKju/1p92HV6iIWTsqOr3DMr6OINw2mWmom1l1RWUPqzu
VpbhpWwTB7tQGTaGVoHFR+XTO1ibB3/cuf4GMTJVFilE0UUobGRR6g2HNjfNEECq
nR0c/cds8JQZQZ4+bOnzvbzd9G0F1GU72LGTgLdu9n6QkFdigT+ii2dF1Yy4kJi5
s2HgS035Rs4Tgn2BcW87U+UEHGAv1hJzkpjrljYc942hR+thAgMBAAGjgccwgcQw
HQYDVR0OBBYEFJxNAJkADouwAYF1obrw0CXXoBxHMB8GA1UdIwQYMBaAFJbeYfG9
HBYpUxzAzH07gwBA5hp8MA8GCSsGAQUFBzABBQQCBQAwTAYDVR0gBEUwQzBBBgkr
BgEEAaAyAV8wNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5j
b20vcmVwb3NpdG9yeS8wDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUF
BwMJMA0GCSqGSIb3DQEBCwUAA4IBAQANSBEJsBiyQ4BJZeOM28s7E3lOGSfM3dLn
Lz+tVLIVLVSfYYXNNK6CCm7j909XL2yW7s3AW3wO/C3uaYP9L4Ynm94xlSILFuuA
ioEzW/2c10oenOmv3lxArlOiPS1ws9NwgawM5tO6ZIG1lj5+Suh8RTB5iLbjoIvv
IZY7p2OOLISJ5nx8Blb0i5gXS9CSTObyi2RYf7fGYdG6vZ02JwrkVf3fR87uyRFB
O+iLmOrLjhz4+gA0S5MG8R/nlsGjf8zNa9dCXb1zCzO96skkDgtDcoGZiqZUGSp6
AKW+dxcLJJfieNf1M76Hs0vQ55aCMUqFMqTOx0U5c5hMLggaqb9P
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [public, no-transform, must-revalidate]
Cf-Cache-Status: [MISS]
Cf-Ray: [3244c50bb0bf2186-EWR]
Content-Length: [1570]
Content-Type: [application/ocsp-response]
Date: [Fri, 20 Jan 2017 19:00:33 GMT]
Etag: ["1794c2fd9d332ce57437a3ae5c7c7a8d4b173c83"]
Expires: [Tue, 24 Jan 2017 18:23:22 GMT]
Last-Modified: [Fri, 20 Jan 2017 18:23:22 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=d1f86ba98feef2d71d9df5f419a4a87ff1484938830; expires=Sat, 20-Jan-18 19:00:30 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • ThisUpdate is less than four days old, OCSP information must be updated at least every four days (Mozilla & Baseline Requirements)
  • The NextUpdate field is not more than ten days beyond the value of the ThisUpdate field (Mozilla & Baseline Requirements)
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

GlobalSign Organization Validation CA - SHA256 - G2 (CA Certificate)

This certificate was cached at
Certificate details for GlobalSign Organization Validation CA - SHA256 - G2 (At position 1 in certificate chain)
Serial number:
hex: 40000000001444ef04247
int: 4835703278459909592597063
Issued by: GlobalSign Root CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GlobalSign nv-sa
Country: BE
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

Certificate Revocation List (CRL)

This CRL was cached at
http://crl.globalsign.net/root.crl

CRL information

Source: CRL Distribution Points in Certificate
Location: http://crl.globalsign.net/root.crl
Size: 693 bytes (DER data)
Response time: 11.537593ms
This update:
Next update:
Revoked: No
Revoked certificates in CRL: 5

Relevant server response headers

Date:
Last Modified:
Expires:

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare
Cache Information: HIT

Raw CRL response headers

Accept-Ranges: [bytes]
Cache-Control: [public, max-age=7287321]
Cf-Cache-Status: [HIT]
Cf-Ray: [3243a624316f18a0-EWR]
Content-Length: [693]
Content-Type: [application/pkix-crl]
Date: [Fri, 20 Jan 2017 15:44:39 GMT]
Etag: [37]
Expires: [Sat, 15 Apr 2017 00:00:00 GMT]
Last-Modified: [Sat, 07 Jan 2017 00:00:00 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=d8ef9503c4920d89b8722d783eee59d881484927079; expires=Sat, 20-Jan-18 15:44:39 GMT; path=/; domain=.globalsign.net; HttpOnly]
Vary: [Accept-Encoding]
  • Content-Type in response is set to 'application/pkix-crl (RFC 5280, section 4.2.1.13)'
  • This CRL file is DER encoded
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

Online Certificate Status Protocol (OCSP)

This OCSP response was cached at
http://ocsp.globalsign.com/rootr1 (GET)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.globalsign.com/rootr1 (GET)
Size: 1518 bytes (DER data)
Response time: 6.638751ms
Signature algorithm: SHA256WithRSA
Signature type: CA Deligated
Signed by: GlobalSign OCSP for Root R1 - Signer 1.1
Issued by: GlobalSign Root CA
Signing certificate validity: 2016-12-08 - 2017-04-15
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 3h0m0s

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare
Cache Information: HIT

URL used for GET request

http:/rootr1/MEwwSjBIMEYwRDAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCCwQAAAAAAURO8EJH

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEwwSjBIMEYwRDAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6+MgGqMQQUYHtm
GkUNl8qJUC99BM00qP/8/UsCCwQAAAAAAURO8EJH
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIF6goBAKCCBeMwggXfBgkrBgEFBQcwAQEEggXQMIIFzDCBmaIWBBTq86DRoCVy
ModdJr5pTxgpxypW9hgPMjAxNzAxMjAxMzMyMzhaMG4wbDBEMAkGBSsOAwIaBQAE
FLdXtbacB/gWIxOOkMkqDr4yAaoxBBRge2YaRQ2XyolQL30EzTSo//z9SwILBAAA
AAABRE7wQkeAABgPMjAxNzAxMjAxMzMyMzhaoBEYDzIwMTcwMTI0MTMzMjM4WjAN
BgkqhkiG9w0BAQsFAAOCAQEACZSH66GB/869QrqB5N286ew9v+BBMmi+6pp2uLS+
A6Q1wLfOwjCZJMBsJTiYfs5YxO1wyh6A2+rcjzc9THZU3ILi1V3uczjtKx8zaSc1
jCKZORkc9dI3fs3vA8d2WGNaYnpWTU1hY4kTs7EPkfxzFsFQECcbEBjN8FRl3ZHp
q2Fv/Gie3u6blJoGGzasVhAYvmxYSGhUV9wBfKJg3FTPdW114vzF8WYfLxR8EeRc
aRby/m0W90qHT2Rya1F/w1knTUTCoIFvkJo7MrMCGNWggH23eC5i1q8R6BponuMB
fI+338/qZx4IWN7POhYXXweWDFZWLXwKYSW8Wf3bM+kQTqCCBBgwggQUMIIEEDCC
AvigAwIBAgIOSPWzDw05Du/dU5mPGp8wDQYJKoZIhvcNAQEFBQAwVzELMAkGA1UE
BhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jvb3Qg
Q0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xNjEyMDgwMDAwMDBa
Fw0xNzA0MTUwMDAwMDBaMFsxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxT
aWduIG52LXNhMTEwLwYDVQQDEyhHbG9iYWxTaWduIE9DU1AgZm9yIFJvb3QgUjEg
LSBTaWduZXIgMS4xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxa9i
9lHuFgEVHRnyykCX9uYuMllfeSW+fzACqUkEU4Oq+OiBLf4kPURag3h4PtmXNBXI
tWQLaSblzKkCOmVohLscvJAs2U21ham4sgnfUpIal88IIJ9QuKtMxV2rSoG8+J7S
XG9lokf26Yo9yLQSjj7xZcs+HX+/AaAhHBrMrMTZjDvbSrkJjRwspRi6/q+BtNqM
A9KZ7L5VE1MeFzLCctCWR5N3CBwwfvC7kkbCCJcUUMRuoecj04DwafbNtj9KsEJk
KDa1JjOVQw3SJcRdtZnCK7izt2aWAxlxjIowvGbIzQXrxtqfGKdT0IsV+DJIYKVi
lshUYOhP+BSZveJsuwIDAQABo4HVMIHSMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUE
DDAKBggrBgEFBQcDCTAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTq86DRoCVyModd
Jr5pTxgpxypW9jAfBgNVHSMEGDAWgBRge2YaRQ2XyolQL30EzTSo//z9SzAPBgkr
BgEFBQcwAQUEAgUAMEwGA1UdIARFMEMwQQYJKwYBBAGgMgFfMDQwMgYIKwYBBQUH
AgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMA0GCSqG
SIb3DQEBBQUAA4IBAQCkfpBz08R1awDiXKHy8QIpS5o4cFzsEiy2kriOC+f+ZIuH
VlyTjm7LzyDlypkWdcf56G2UDzr2Y2ItoieCxB+HLiKmoH/G3LRLMrxaf4rXts83
0S95iVtfiInT8JrG9QiHeJMoX1pmPBbvqYHJOX9AuqfocxT1S2pQgN6BVTCMU9Hn
OGVV+0vbGk6GTQrfoece1DuHBu9QyKF1CAbEbRhmf9h+01XqBdQM8jXuPyvUsS4h
ehCD+FwI2EKUBnktdLr3xyXXjPB7Q7E1tCKEek/SmcEB8wH1Q/7oBVMGZJeFFmfi
mrXYTs7eSdawaVvTefEHUGZBcgB0ueZX4SQjyIl1
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEEDCCAvigAwIBAgIOSPWzDw05Du/dU5mPGp8wDQYJKoZIhvcNAQEFBQAwVzEL
MAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsT
B1Jvb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xNjEyMDgw
MDAwMDBaFw0xNzA0MTUwMDAwMDBaMFsxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBH
bG9iYWxTaWduIG52LXNhMTEwLwYDVQQDEyhHbG9iYWxTaWduIE9DU1AgZm9yIFJv
b3QgUjEgLSBTaWduZXIgMS4xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxa9i9lHuFgEVHRnyykCX9uYuMllfeSW+fzACqUkEU4Oq+OiBLf4kPURag3h4
PtmXNBXItWQLaSblzKkCOmVohLscvJAs2U21ham4sgnfUpIal88IIJ9QuKtMxV2r
SoG8+J7SXG9lokf26Yo9yLQSjj7xZcs+HX+/AaAhHBrMrMTZjDvbSrkJjRwspRi6
/q+BtNqMA9KZ7L5VE1MeFzLCctCWR5N3CBwwfvC7kkbCCJcUUMRuoecj04DwafbN
tj9KsEJkKDa1JjOVQw3SJcRdtZnCK7izt2aWAxlxjIowvGbIzQXrxtqfGKdT0IsV
+DJIYKVilshUYOhP+BSZveJsuwIDAQABo4HVMIHSMA4GA1UdDwEB/wQEAwIHgDAT
BgNVHSUEDDAKBggrBgEFBQcDCTAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTq86DR
oCVyModdJr5pTxgpxypW9jAfBgNVHSMEGDAWgBRge2YaRQ2XyolQL30EzTSo//z9
SzAPBgkrBgEFBQcwAQUEAgUAMEwGA1UdIARFMEMwQQYJKwYBBAGgMgFfMDQwMgYI
KwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkv
MA0GCSqGSIb3DQEBBQUAA4IBAQCkfpBz08R1awDiXKHy8QIpS5o4cFzsEiy2kriO
C+f+ZIuHVlyTjm7LzyDlypkWdcf56G2UDzr2Y2ItoieCxB+HLiKmoH/G3LRLMrxa
f4rXts830S95iVtfiInT8JrG9QiHeJMoX1pmPBbvqYHJOX9AuqfocxT1S2pQgN6B
VTCMU9HnOGVV+0vbGk6GTQrfoece1DuHBu9QyKF1CAbEbRhmf9h+01XqBdQM8jXu
PyvUsS4hehCD+FwI2EKUBnktdLr3xyXXjPB7Q7E1tCKEek/SmcEB8wH1Q/7oBVMG
ZJeFFmfimrXYTs7eSdawaVvTefEHUGZBcgB0ueZX4SQjyIl1
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=10800,public,no-transform,must-revalidate]
Cf-Cache-Status: [HIT]
Cf-Ray: [3243a624371d0697-EWR]
Content-Length: [1518]
Content-Type: [application/ocsp-response]
Date: [Fri, 20 Jan 2017 15:44:39 GMT]
Etag: ["4b508b532481344ebb9951915b1b0d010b5972b4"]
Expires: [Tue, 24 Jan 2017 13:32:38 GMT]
Last-Modified: [Fri, 20 Jan 2017 13:32:38 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=d996ee8aac0f41a89baf236aeb6cdc93f1484927079; expires=Sat, 20-Jan-18 15:44:39 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)
This OCSP response was cached at
http://ocsp.globalsign.com/rootr1 (POST)Good

OCSP response information

Source: Authority Information Access in Certificate
Location: http://ocsp.globalsign.com/rootr1 (POST)
Size: 1518 bytes (DER data)
Response time: 11.405447ms
Signature algorithm: SHA256WithRSA
Signature type: CA Deligated
Signed by: GlobalSign OCSP for Root R1 - Signer 1.1
Issued by: GlobalSign Root CA
Signing certificate validity: 2016-12-08 - 2017-04-15
Signing certificate algorithm: SHA1-RSA
Reported statuses: 1
This update:
Next update:
Produced at:
Status: Good

Relevant server response headers

Date:
Last Modified:
Expires:
Cache Control Max-age: 3h0m0s

Server and network information

Server Software: cloudflare-nginx
Content Delivery Network (CDN): CloudFlare
Cache Information: HIT

Raw OCSP request (PEM encoded)

-----BEGIN OCSP REQUEST-----
MEwwSjBIMEYwRDAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6+MgGqMQQUYHtm
GkUNl8qJUC99BM00qP/8/UsCCwQAAAAAAURO8EJH
-----END OCSP REQUEST-----

Raw OCSP response (PEM encoded)

-----BEGIN OCSP RESPONSE-----
MIIF6goBAKCCBeMwggXfBgkrBgEFBQcwAQEEggXQMIIFzDCBmaIWBBTq86DRoCVy
ModdJr5pTxgpxypW9hgPMjAxNzAxMjAxMzMyMzhaMG4wbDBEMAkGBSsOAwIaBQAE
FLdXtbacB/gWIxOOkMkqDr4yAaoxBBRge2YaRQ2XyolQL30EzTSo//z9SwILBAAA
AAABRE7wQkeAABgPMjAxNzAxMjAxMzMyMzhaoBEYDzIwMTcwMTI0MTMzMjM4WjAN
BgkqhkiG9w0BAQsFAAOCAQEACZSH66GB/869QrqB5N286ew9v+BBMmi+6pp2uLS+
A6Q1wLfOwjCZJMBsJTiYfs5YxO1wyh6A2+rcjzc9THZU3ILi1V3uczjtKx8zaSc1
jCKZORkc9dI3fs3vA8d2WGNaYnpWTU1hY4kTs7EPkfxzFsFQECcbEBjN8FRl3ZHp
q2Fv/Gie3u6blJoGGzasVhAYvmxYSGhUV9wBfKJg3FTPdW114vzF8WYfLxR8EeRc
aRby/m0W90qHT2Rya1F/w1knTUTCoIFvkJo7MrMCGNWggH23eC5i1q8R6BponuMB
fI+338/qZx4IWN7POhYXXweWDFZWLXwKYSW8Wf3bM+kQTqCCBBgwggQUMIIEEDCC
AvigAwIBAgIOSPWzDw05Du/dU5mPGp8wDQYJKoZIhvcNAQEFBQAwVzELMAkGA1UE
BhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jvb3Qg
Q0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xNjEyMDgwMDAwMDBa
Fw0xNzA0MTUwMDAwMDBaMFsxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxT
aWduIG52LXNhMTEwLwYDVQQDEyhHbG9iYWxTaWduIE9DU1AgZm9yIFJvb3QgUjEg
LSBTaWduZXIgMS4xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxa9i
9lHuFgEVHRnyykCX9uYuMllfeSW+fzACqUkEU4Oq+OiBLf4kPURag3h4PtmXNBXI
tWQLaSblzKkCOmVohLscvJAs2U21ham4sgnfUpIal88IIJ9QuKtMxV2rSoG8+J7S
XG9lokf26Yo9yLQSjj7xZcs+HX+/AaAhHBrMrMTZjDvbSrkJjRwspRi6/q+BtNqM
A9KZ7L5VE1MeFzLCctCWR5N3CBwwfvC7kkbCCJcUUMRuoecj04DwafbNtj9KsEJk
KDa1JjOVQw3SJcRdtZnCK7izt2aWAxlxjIowvGbIzQXrxtqfGKdT0IsV+DJIYKVi
lshUYOhP+BSZveJsuwIDAQABo4HVMIHSMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUE
DDAKBggrBgEFBQcDCTAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTq86DRoCVyModd
Jr5pTxgpxypW9jAfBgNVHSMEGDAWgBRge2YaRQ2XyolQL30EzTSo//z9SzAPBgkr
BgEFBQcwAQUEAgUAMEwGA1UdIARFMEMwQQYJKwYBBAGgMgFfMDQwMgYIKwYBBQUH
AgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMA0GCSqG
SIb3DQEBBQUAA4IBAQCkfpBz08R1awDiXKHy8QIpS5o4cFzsEiy2kriOC+f+ZIuH
VlyTjm7LzyDlypkWdcf56G2UDzr2Y2ItoieCxB+HLiKmoH/G3LRLMrxaf4rXts83
0S95iVtfiInT8JrG9QiHeJMoX1pmPBbvqYHJOX9AuqfocxT1S2pQgN6BVTCMU9Hn
OGVV+0vbGk6GTQrfoece1DuHBu9QyKF1CAbEbRhmf9h+01XqBdQM8jXuPyvUsS4h
ehCD+FwI2EKUBnktdLr3xyXXjPB7Q7E1tCKEek/SmcEB8wH1Q/7oBVMGZJeFFmfi
mrXYTs7eSdawaVvTefEHUGZBcgB0ueZX4SQjyIl1
-----END OCSP RESPONSE-----

Raw OCSP Signing Certificate (PEM encoded)

-----BEGIN CERTIFICATE-----
MIIEEDCCAvigAwIBAgIOSPWzDw05Du/dU5mPGp8wDQYJKoZIhvcNAQEFBQAwVzEL
MAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsT
B1Jvb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xNjEyMDgw
MDAwMDBaFw0xNzA0MTUwMDAwMDBaMFsxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBH
bG9iYWxTaWduIG52LXNhMTEwLwYDVQQDEyhHbG9iYWxTaWduIE9DU1AgZm9yIFJv
b3QgUjEgLSBTaWduZXIgMS4xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxa9i9lHuFgEVHRnyykCX9uYuMllfeSW+fzACqUkEU4Oq+OiBLf4kPURag3h4
PtmXNBXItWQLaSblzKkCOmVohLscvJAs2U21ham4sgnfUpIal88IIJ9QuKtMxV2r
SoG8+J7SXG9lokf26Yo9yLQSjj7xZcs+HX+/AaAhHBrMrMTZjDvbSrkJjRwspRi6
/q+BtNqMA9KZ7L5VE1MeFzLCctCWR5N3CBwwfvC7kkbCCJcUUMRuoecj04DwafbN
tj9KsEJkKDa1JjOVQw3SJcRdtZnCK7izt2aWAxlxjIowvGbIzQXrxtqfGKdT0IsV
+DJIYKVilshUYOhP+BSZveJsuwIDAQABo4HVMIHSMA4GA1UdDwEB/wQEAwIHgDAT
BgNVHSUEDDAKBggrBgEFBQcDCTAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTq86DR
oCVyModdJr5pTxgpxypW9jAfBgNVHSMEGDAWgBRge2YaRQ2XyolQL30EzTSo//z9
SzAPBgkrBgEFBQcwAQUEAgUAMEwGA1UdIARFMEMwQQYJKwYBBAGgMgFfMDQwMgYI
KwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkv
MA0GCSqGSIb3DQEBBQUAA4IBAQCkfpBz08R1awDiXKHy8QIpS5o4cFzsEiy2kriO
C+f+ZIuHVlyTjm7LzyDlypkWdcf56G2UDzr2Y2ItoieCxB+HLiKmoH/G3LRLMrxa
f4rXts830S95iVtfiInT8JrG9QiHeJMoX1pmPBbvqYHJOX9AuqfocxT1S2pQgN6B
VTCMU9HnOGVV+0vbGk6GTQrfoece1DuHBu9QyKF1CAbEbRhmf9h+01XqBdQM8jXu
PyvUsS4hehCD+FwI2EKUBnktdLr3xyXXjPB7Q7E1tCKEek/SmcEB8wH1Q/7oBVMG
ZJeFFmfimrXYTs7eSdawaVvTefEHUGZBcgB0ueZX4SQjyIl1
-----END CERTIFICATE-----

Raw OCSP response headers

Cache-Control: [max-age=10800,public,no-transform,must-revalidate]
Cf-Cache-Status: [HIT]
Cf-Ray: [3243a62435d80773-EWR]
Content-Length: [1518]
Content-Type: [application/ocsp-response]
Date: [Fri, 20 Jan 2017 15:44:39 GMT]
Etag: ["4b508b532481344ebb9951915b1b0d010b5972b4"]
Expires: [Tue, 24 Jan 2017 13:32:38 GMT]
Last-Modified: [Fri, 20 Jan 2017 13:32:38 GMT]
Server: [cloudflare-nginx]
Set-Cookie: [__cfduid=dd0b8bd3d1c6c144324f73e7969c96b851484927079; expires=Sat, 20-Jan-18 15:44:39 GMT; path=/; domain=.globalsign.com; HttpOnly]
Vary: [Accept-Encoding]
  • OCSP signing certificate is already valid
  • OCSP signing certificate is not expired
  • OCSP signing certificate does not expire before NextUpdate
  • OCSP signing certificate does contain the Extended Key Usage for OCSP Signing
  • OCSP signing certificate does contain the OCSP No Check extension
  • Content-Type in response is set to 'application/ocsp-response'
  • Response is already valid
  • Response is not expired
  • Revocation information is updated at least once every twelve months
  • The value of the NextUpdate field is not more than twelve months beyond the value of the ThisUpdate field
  • Last-Modified header is the same as ThisUpdate (RFC 5019, section 6.2)
  • NextUpdate is after the date in the Expires cache header
  • The Cache-Control max-age header does not outlive NextUpdate
  • ThisUpdate has a date before NextUpdate
  • Expires cache header is the same as the NextUpdate field (RFC 5019 section 6.2)

GlobalSign Root CA (CA Certificate)

This certificate was cached at
Certificate details for GlobalSign Root CA (At position 2 in certificate chain)
Serial number:
hex: 40000000001154b5ac394
int: 4835703278459707669005204
Issued by: GlobalSign Root CA
Public Key Algorithm: RSA
Not valid before:
Not valid after:
Organization: GlobalSign nv-sa
Organization unit: Root CA
Country: BE
  • This certificate does not contain any links to an LDAP server
  • This certificate does not contain any internal server links
  • This certificate does not contain any links with an unknown format

This is a self signed certificate

Check the revocation status for another website

Created by Paul van Brouwershaven
Revoked certificates can't and should not be trusted, these certificate will cause errors like "NET::ERR_CERT_REVOKED" in browsers.